OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: SAML 2.0 & Authentication mechanism [service]

SAML 2.0 defines a ECP profile which is an extension to LECP of ID-FF because ECP talks about PAOS Binding (taken from ID-WSF specification) in the profile and thus
makes the specification of this profile more complete & concrete.
My concern/question is that SAML 2.0 does not talk about how authentication should be done using standard protocol messages (something like that of ID-WSF Authentication Service SASL messages).
For eg. in ECP profile.
ECP ---> SP [ Send HTTP Request ]
SP ---> ECP [Send AuthnRequest using PAOS binding]
ECP    <-------------------------->   IDP  
Messages for the above step are problems for me. I know I can use Authentication service for this as defined in ID-WSF (SASL) but somehow not feeling comfortable mixing specifications in implementation.
Plase advise me for this concern of mine.
Kapil Sachdeva

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]